[mod_gnutls] fix ssl.ca_dn_file data access

identified by coverity

If ssl.ca_dn_file is set, then its contents were not properly matched
against the provided client certificate
Glenn Strauss 2021-01-17 14:42:59 -05:00
parent d5b166c04d
commit a16488269d
1 changed files with 1 additions and 1 deletions

View File

@ -828,7 +828,7 @@ mod_gnutls_verify_cb (gnutls_session_t ssl)
/* verify that client cert is issued by CA in ssl.ca-dn-file
* if both ssl.ca-dn-file and ssl.ca-file were configured */
gnutls_x509_crt_t *CA_list =
(gnutls_x509_crt_t *)&hctx->conf.ssl_ca_dn_file->data;
(gnutls_x509_crt_t *)hctx->conf.ssl_ca_dn_file->data;
unsigned int len = hctx->conf.ssl_ca_dn_file->size;
unsigned int i;
gnutls_x509_dn_t issuer, subject;